There has heretofore been a password authentication method wherein personal authentication is performed on the basis of a predetermined password entered by each individual to access an electronic computer or the like (this method will hereinafter be referred to as “method 1”). In many cases, a password is entered from a device, e.g. a keyboard, which is connected to an electronic computer. In such a case, a password is entered by depressing a key button corresponding to each symbol (a letter, a numeral, or a mark) constituting the password. If there is an error in entering the password, it can be rewritten by using a function key such as “Back-Space”.
There is also known a password authentication method using each individual's characteristics exhibited when entering data from a keyboard, wherein information concerning the time when the user types keys of a keyboard is used as one of authentication elements (this method will hereinafter be referred to as “method 2”). The method 2 uses, for example, a time (time 1) at which the user begins to depress a key of the keyboard and a time (time 2) at which the user finishes depressing the key. The length of time from when one key is depressed until another key is subsequently depressed is previously registered for each user and used as one of authentication elements. There has also been proposed a password authentication method in which the length of time (time 3) that the user continues to depress one key and the length of time (time 4) from when a user's finger is removed from one key until his/her finger is removed from another key depressed subsequently are added to the authentication elements.
The above-described password authentication is performed by a special-purpose program prepared therefor. The special-purpose program runs in the user mode (see the description given later) to obtain a time at which the user makes access from the keyboard. To be precise, information concerning data entry time such as the above-described time 1 and time 2 is obtained from a device driver for controlling the input device from which the user has accessed the electronic computer. Next, the device drivers of the conventional electronic computer, the operating modes thereof, etc. will be described.
The electronic computer comprises many hardware resources such as a central processing unit (CPU), storage devices (a memory, a hard disk, etc.), input devices (a keyboard, a mouse, etc.), output devices (a display, etc.), and peripheral devices (a printer, a scanner, etc.) that are connected through card slots. These hardware devices operate under the control of an OS (Operating System) stored in the storage device.
Various application programs used in the electronic computer run under the OS. The OS controls all the operations of the electronic computer and absorbs differences in specifications of different hardware to provide an environment common to the application programs. In other words, the OS is software that provides basic functions used mutually by many application programs, e.g. input/output functions such as keyboard entry and screen output, and management of the disk and the memory, and controls the whole system of the electronic computer. The OS is also known as “basic software”.
The hardware devices of the electronic computer are produced by a plurality of manufacturers, and the specifications thereof may differ among manufacturers. It is desirable for developers of programs using the electronic computer to develop application programs without noticing the differences in specifications of the hardware. The OS absorbs the differences in specifications of the hardware to provide an environment common to the application programs.
The developers of the application programs can save the time and labor for development and unify the operability of the application programs by making use of the function provided by the OS. An application program developed for a certain OS can basically be used in any electronic computer in which the OS can run.
There are a large number of different kinds of OS, represented by MS-DOS (registered trademark), UNIX (registered trademark), Linux, FreeBSD (registered trademark), etc. Among them, the Windows series available from Microsoft is the most popular OS for use by corporations and general home users. Mac OS (registered trademark) available from apple is widely used in the DTP industry and the multimedia industry. Servers of corporations and scientific institutions often use UNIX-based OS's developed by various companies and UNIX-based OS's such as Linux and FreeBSD, which are distributed without charge. In recent years, Windows NT/2000 (registered trademark) available from Microsoft has been increasing the share of the market as an OS for servers.
[Conventional Architecture]
FIG. 13 outlines the architecture of the Windows NT/2000 (registered trademark) as a typical OS. As will be understood from FIG. 13, Windows NT/2000 has generally a hierarchical structure comprising hardware 2, an OS 3, and an application program 4 that implements a function requested by the actual user. A microkernel 51 is a program for performing general management of the OS 3. Various software programs (kernel mode software) that run in layers above the layer of the microkernel 51 and the microkernel 51 for the core constitute a kernel mode 8 (see the description given later). The application program 4 in the topmost layer runs in the user mode 9 (see the description given later).
The OS 3 has a hierarchical structure that, roughly speaking, comprises an executive 50, a microkernel 51, and a hardware abstraction layer (HAL) 52. The HAL 52 is located in a layer immediately above the hardware 2. The HAL 52 is a program designed to attach importance to the control of hardware. The program absorbs differences in specifications of various hardware devices such as processors to provide the same environment (independent of models) for services in higher-order layers (the microkernel 51, the executive 50, etc.).
The microkernel 51 provides overall basic functions of the system. The executive 50 is an integrated whole of programs for implementing the provision of main services from the OS 3 by utilizing service functions provided by the microkernel 51 and the HAL 52. The executive 50 includes typical executive programs such as a cache manager 53, an object manager 54, a process manager 55, a memory manager 56, and an I/O manager 57.
The object manager 54 is a program for supervising a running object (a program for implementing a function to be performed) and executing control and adjustment therefor. The process manager 55 is a program for supervising a process in progress (a program for performing only a certain function) and making adjustment therefor. The cache manager 53 and the memory manager 56 are programs for controlling and adjusting memory and virtual memory. The I/O manager 57 is a program for supervising and controlling the input/output function of the OS 3. The mode in which the electronic computer operates under the executive 50 is called “kernel mode 8”.
In the kernel mode 8, any instruction for running the OS 3 is executable. If an erroneous instruction is executed, there may be an adverse effect on the whole system. Further, the functions of the OS 3 include a user mode 9 that is completely open to the user to run an application program, etc. In the user mode 9, instructions for running the OS 3 are limited so that an adverse effect is not exerted on the system. Because the system automatically intercepts instructions that may have an adverse effect on the system, an environment easy for the user to use is provided.
However, the provision of such a limitation is the same as limiting the functions of the OS 3. Therefore, the application program 4 that runs in the user mode 9 cannot directly access any part relating to the hardware 2 and has to pass through the kernel mode 8 to access the hardware 2. The kernel mode 8 enables full use of the functions of the OS 3 and also allows complete access to each input/output device. In addition, a program that runs in the kernel mode 8 is processed with priority to a program that runs in the user mode 9. Thus, high performance can be obtained.
Device drivers 5 belong to the OS 3. The device drivers 5 are software programs for managing external hardware devices of the electronic computer. The device drivers 5 run in the kernel mode 8. Usually, there is only one device for each device driver 5 that has the same attributes as those of the device driver 5. The application program 4 that runs in the user mode 9 has to pass through the device drivers 5 to access the respective devices.
For example, in a case where, as shown in FIG. 14, data is transferred from a device A to a device B, the flow of the data is as follows: “device A”→“device driver A”→(switching the operating mode from the kernel mode 8 to the user mode 9) “application program 4” (switching the operating mode from the user mode 9 to the kernel mode 8)→“device driver B”→“device B”. Thus, the system carries out processing while switching the operating mode from the kernel mode 8 to the user mode 9 or from the user mode 9 to the kernel mode 8.
The switching between the user mode 9 and the kernel mode 8 is time-consuming processing. When a large amount of data such as image data is transferred, the transfer speed becomes slow, and hence an increased length of time is required to transfer the data. Accordingly, it is difficult to make the transfer speed at the application level. The reason for this is that it is necessary to switch between the user mode 9 and the kernel mode 8 for each processing of the application program 4.
Here, let us explain the conventional operating procedure executed to transfer data between devices. FIG. 14 outlines the relationship between the application program 4 and the device drivers 5 on the one hand and the operating modes 8 and 9 on the other. As will be understood from the figure, the application program 4 runs in the user mode 9.
The device drivers 5 are incorporated in the OS 3 to run in the kernel mode 8. Devices 6 constituting the hardware 2 of the electronic computer comprise various internal devices and external devices connected to the electronic computer. Each device 6 is controlled from a device driver 5 specific thereto. In other words, all access to the devices 6 is made through the respective device drivers 5. The device drivers 5 run in response to instructions from the application program 4 through the OS 3.
Next, the flow of data transmission will be explained with reference to the flowchart of FIG. 15. Let us explain the flow of data as transferred from the device A to the device B by the application program 4, which runs in the user mode 9, while comparing the operating modes 8 and 9 of the system. First, the application program 4 sends a data transfer request (instruction) (S50).
At this time, a data transmission request is sent to the device A (S51), and a data reception request is sent to the device B (S52). The operating mode of the system is switched from the user mode 9 to the kernel mode 8. The device driver A receives the data transmission request (S53) and transmits it to the device A (S54). The device A receives the data transmission request (S55) and transmits data (S56). The device driver A receives the transmitted data (S57) and internally processes the data (S58) and then transmits the processed data to the application program 4 (S59).
The operating mode of the system is switched from the kernel mode 8 to the user mode 9. The application program 4 receives and processes the data (S60 and S61) and transmits the processing result to the device driver B (S62). The operating mode of the system is switched from the user mode 9 to the kernel mode 8 again. The device driver B receives the data (S63) and internally processes the received data (S64) and then transmits the processing result to the device B (S65).
The device B receives the data (S66) and sends information indicating the receipt of the data to the device driver B (S67). The device driver B receives the data receipt information (S68) and informs the application program 4 of the completion of the data transfer (S69). The system is switched to the user mode 9. The application program 4 receives the data transfer completion information (S70) and starts the next processing. Thus, the series of data transfer processing operations ends (S71).
Thus, data is transferred as follows: “device A”→“device driver A”→(switching between the operating modes) “application program 4” (switching between the operating modes)→“device driver B”→“device B”. During the data transfer, the system operates while repeatedly switching the operating mode between the kernel mode 8 and the user mode 9. As the amount of data to be handled increases, the number of operating mode switching operations increases.
Further, when another application program is simultaneously running on the system, the system switches between the operating modes for this application program. Consequently, the number of times of switching between the operating modes performed in the system becomes large as a whole, causing a delay in the execution processing of the application programs. The increase in the number of times of switching between the operating modes is likely to cause a reduction in the speed of data transmission/reception processing. In particular, when there is a strong demand for real-time execution capability for image processing or the like, the increase in the number of times of switching between the operating modes may disorder the image displayed on the screen.
To ensure the required system performance in the above-described system, it is important to advance the technology for developing and designing hardware devices and the technology for developing the device drivers 5 for controlling the pieces of hardware 2. To transfer a large amount of data such as image data, in particular, it is desirable to minimize the number of times of switching between the user mode 9 and the kernel mode 8 to thereby increase the speed of data transfer. When there is a strong demand for ensuring the integrity of data, it is desirable that data should be transferred in the kernel mode 8, in which no data can be touched by the user. Particularly, when user authentication is performed by using a password, the integrity of password data, which is confidential data, is very important.
WO98/47074 discloses a data transfer technique wherein in the kernel mode, control is shown between drivers in a hierarchical structure. However, this document discloses nothing about the personal authentication technique of the present invention.
Next, the procedure for personal authentication will be described.
Next, let us consider a case where a user enters a password (assumed to be “PIANO”, for example) from a keyboard connected to an electronic computer, and a special-purpose application program for password authentication performs authentication. In this case, the keyboard corresponds to the device 6, and the special-purpose application program for password authentication corresponds to the application program 4. The keyboard driver for the keyboard corresponds to the device driver 5.
The procedure in which the application program 4 obtains information concerning the key actuation for entering from the keyboard will be described below by using the flowchart of FIG. 16. Information concerning the key actuation includes information as to which key has been depressed or released.
First, the application program 4 is started (user mode; S80). The application program 4 instructs the keyboard driver to transmit data entered from the keyboard (user mode; S81). The keyboard driver receives the instruction (mode switched to kernel mode; S82) and transmits the transmission request of key actuation data to the keyboard (kernel mode; S83).
The keyboard receives the key actuation data transmission request (S84) and transmits key actuation data (S85). The keyboard driver receives the data (kernel mode; S86) and internally processes the received data (S87) and then transmits the processed data to the application program 4 (kernel mode; S88). The application program 4 receives the key actuation data from the keyboard driver (mode switched to user mode; S89) and also receives system clock data to grasp the time of the key actuation (S90).
Then, the application program shifts to the next processing (S91). Thus, the series of processing operations ends (S92). When it is necessary to obtain key actuation data again, the procedure from S80 to S92 is repeated. Thus, a series of operations for entering one letter with a key is performed while switching between the user mode and the kernel mode. For the subsequent key actuation, similar operations are repeated. After all the letters of the password have been received with the user and kernel modes switched from one to another as stated above, the received data is encrypted to perform authentication.
The above-mentioned method 1 has the disadvantage that because the password readily becomes known to others, it is easy for another person to make unauthorized access. This problem is overcome by the above-mentioned method 2, which uses each individual's characteristics exhibited when entering data from an input device, for example, each individual's peculiar way of operating a keyboard. However, once the user has logged in to the electronic computer, anyone can use it. For example, when the user leaves the electronic computer for a while after logging in, it is possible for another person to access the computer or to tamper with it by impersonating the user.
When another application program is running on the electronic computer, the special-purpose application program for password authentication receives information concerning the entry of data from the device driver. The application program performs the operation receiving information while switching between the user mode and the kernel mode. Therefore, it is impossible to obtain accurate data entry time, and hence the data entry time error becomes large. This may cause a reduction in the rate of authentication of the authorized user. To increase the rate of authentication of the authorized user, the authentication accuracy has to be undesirably lowered.
FIG. 9 is a graph in which the time that the user depresses a key to enter a letter from a keyboard is plotted along the abscissa axis, and the length of time that the user continues to depress the key is plotted along the ordinate axis. The graph (a) in FIG. 9 is assumed to be a true graph showing the time when the user enters data. If time errors of an individual that may arise when a certain user having entry characteristics enters data are taken into consideration, the time that the user depresses one key can be substantially graphed in the form of a quadrangle 60.
When the application program is used to obtain the time that the user depresses keys, as shown in the graph (b) of FIG. 9, the error range of time when the user enters data undesirably enlarges as shown by ellipses 61. When the system is executing processing being imposed a heavy load on the central processing unit and the like of the electronic computer, for example, when the system is executing another application program, the time lag increases as shown by lines 62 and 63. If the time lag becomes large, the user's original data of entry characteristics may fail to appear.
Further, an application program that implements authentication as stated above is one that runs in the user mode. With such an application program, a time difference undesirably occurs in the extraction of timing at which an individual types a key. It will be clear from the foregoing description that there is a difference between timing extraction performed when almost no application program is running in the user mode and timing extraction performed when an application program executing processing of a large amount of data is running in the user mode. Therefore, it is necessary to preset the error range larger than is actually needed for user authentication. This may lead to authentication accuracy degradation.
Japanese Patent Application Unexamined Publication (KOKAI) No. 2000-305654 proposes a system in which personal authentication is performed by using each individual's characteristics exhibited when entering data from a keyboard. With this system, however, it is difficult to perform accurate timing extraction because of a large number of times of switching the kernel mode as stated above.
With the above-mentioned technical background, the present invention was made to attain the next objects.
An object of the present invention is to provide a personal authentication method using each individual's characteristics exhibited when entering data from an input device of an electronic computer in a network system, wherein personal authentication of a user of the electronic computer can be performed in a kernel mode that is an operating mode of an OS used in the electronic computer. The present invention also provides a program for the personal authentication method and a recording medium for the program.
Another object of the present invention is to provide a personal authentication method using each individual's characteristics exhibited when entering data from an input device of an electronic computer in a network system, wherein the time that a user of the electronic computer actuates the input device, e.g. a keyboard of an electronic computer, can be extracted accurately. The present invention also provides a program for the personal authentication method and a recording medium for the program.
Still another object of the present invention is to provide a personal authentication method using each individual's characteristics exhibited when entering data from an input device of an electronic computer in a network system, wherein the confidentiality of data can be protected and safe transfer of data can be achieved by using an interface common to an application program and device drivers. The present invention also provides a program for the personal authentication method and a recording medium for the program.
Still another object of the present invention is to provide a personal authentication method using each individual 's characteristics exhibited when entering data from an input device of an electronic computer in network system, wherein an unauthorized access can be prevented by supervising on-line a user of the electronic computer via a network system. The present invention also provides a program for the personal authentication method and a recording medium for the program.
The personal authentication method using each individual's characteristics exhibited when entering data from an input device of an electronic computer in network system and the program for the personal authentication method and further the recording medium for the program according to the present invention have the following advantages.
In the present invention, collection of data about the time of actuation of a keyboard or the like for personal authentication of a user of the electronic computer is performed in a kernel mode that is an operating mode of an OS used in the electronic computer via a network system. Therefore, accurate timing can be extracted, and hence the reliability of the personal authentication is enhanced.
In the present invention, personal authentication is performed by using an interface common to an application program and device drivers, and utilizing the program of the interface driver via a network system. Therefore, the confidentiality of data is protected, and safe transfer of data can be achieved.
In the present invention, a user of the electronic computer can be authorized personally and supervised on-line via a network system. Therefore, an unauthorized access can be prevented.